Secure Information Technology Center – Austria

Static analysis of selected Android applications

Kategorie: IT-Security

In this project, it has been analyzed on how a set of selected applications is capable of overcoming real-world threats. Based on current attack vectors, we have derived concrete inspection criteria and applied them on our dataset. As a result, it was feasible to uncover deficiencies in 8 of 10 analyzed applications. The found issues significantly undermine the achievable security level and can lead to the exposure of secrets and the leak of sensitive data to unrelated parties. Weiter lesen…

Firefox plugin highlighting security information

Kategorie: IT-Security

Typically, browsers keep the display of security-related information about called web pages to a minimum. While it is clearly indicated whether the connection to a server is encrypted, more fine-grained information is not printed or can only be retrieved by overcoming hurdles.

As a consequence, the objective of this project consisted in developing an extensible addon for Mozilla Firefox which inspects called domains regarding security-critical aspects and summarizes the results for security-affine users. Weiter lesen…